Cloud Security

Ultimate security protection against all types of cyber-attacks

Modern applications’ openness leaves vulnerabilities for attackers to infiltrate your infrastructure which could lead to server downtime, user data breach, and more. Baishan’s Cloud Shield security solution provides broad protection for websites and applications against all common types of sophisticated attacks, including DDoS, web application, and direct to origin attacks, leveraging its high-bandwidth, globally distributed network with multiple tiered architectures.


Complete protection

From Layer 3 to Layer 7, Baishan gets you covered. Each PoP in Baishan’s globally distributed network is built with proprietary DDoS mitigation technologies and AI-powered WAF engine to protect you from all common attacks including Ping floods, ICMP floods, OWASP Top 10 threats, malicious bots, and more. The rulesets are updated continuously by Baishan’s advanced threat intelligence to improve accuracy and to provide protection against zero-day vulnerabilities.

Superior Performance

Cloud Shield security solution provides global protection without sacrificing the performance. It is fully integrated with Baishan’s global edge delivery platform. By bringing the security logics to the edge, Baishan can terminate malicious requests faster and serve the legitimate users directly from its edge cache.

Real-Time Control and Visibility

It is important to see what you are dealing with when it comes to cyber threats. Baishan provides real-time attacks and mitigation statistics on its Portal. The same set of data is also available to be ingested to your own security intelligence platform via API. Also, with self-provisioning portal, you can create your own specific rules based on your business needs.


Comprehensive WAF Rulesets

On top of the rulesets created and maintained by Baishan, its security product also incorporates rulesets from open source communities such as OWASP, Common Vulnerabilities and Exposures (CVE), and Chinese National Vulnerability Database (CNVD). The WAF protects against common attacks, including injection attacks, cross-site scripting, sensitive data exposure, website tempering, directory traversal attack, and more. WAF rules can be customized and managed in real-time via Portal or API based on customers’ each unique request scenarios. All traffic going through WAF is logged and analyzed so that the customers can have 100% visibility into their traffic.

Bot Behavioral Management

Baishan Cloud Shield is built with a sophisticated machine-learning engine to dynamically detect good bots from malicious bots to protect applications against web scrappers, malicious API connections, content tampering, user-specific information stuffing, and more. Customers can also create access control list for bots and customize mechanisms, such as CAPTCHA and JavaScript challenge, to filter away the requests from malicious bots, as an additional layer of protection.

Security scanning and alerting

On top of security protection, Baishan developed a new generation intrusion detection system, Cloud Scan, using full traffic mirroring technology and big data analysis. Cloud Scan focuses on web-level intrusion detection to scan for potential threats, discover business risks, generate audit information, and provide alerting or notification to customers.

3-Level Anti DDoS Scrubbing Center

Baishan works closely with local Internet Service Providers to strategically deploy three-tiered scrubbing centers around the world for more substantial distributed attacks. Each location within the three-tiered scrubbing center can scrub up to 1 Tbps of DDoS traffic with a total of 30 Tbps (and growing) capacity.


Level 1 – ISP level backbone protection

Level 2 - Hardware firewall with proprietary IP reputation database

Level 3 – Application layer with in-depth packet inspection and device fingerprinting


cloud security architecture

Learn more about our Baishan cloud security


Related Products